URL:Mal with http://point.lotusiloveyou.com

Everything seems fine now. Thank you :smiley:

https://sites.google.com/site/cannedfixes/farbar-recovery-scan-tool/FRST.gif
Fix with Farbar Recovery Scan Tool

https://sites.google.com/site/cannedfixes/home/hosted-images-formatting/icon_exclaim.gif
[b] This fix was created for this user for use on that particular machine.
https://sites.google.com/site/cannedfixes/home/hosted-images-formatting/icon_exclaim.gif

https://sites.google.com/site/cannedfixes/home/hosted-images-formatting/icon_exclaim.gif
Running it on another one may cause damage and render the system unstable.
https://sites.google.com/site/cannedfixes/home/hosted-images-formatting/icon_exclaim.gif
[/b]
Download attached fixlist.txt file and save it to the Desktop:

Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!

How is your system running now?

Can you help me too, please?

The log from MBam is missing.

Bruna51,

There is a malicious entry in your registry. Open regedit (press the Win key + the R key, then type regedit and press Enter), navigate to Computer\HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies and there should be an entry named “Shell” with value “explorer.exe,msiexec.exe /i http://point…”. Delete it.

Then run (via Win+R dialog) control schedtasks. Select “Task Scheduler Library” in the left panel. In the list in the middle select “PowerWord-SCT-JT” task and delete it.

Then reboot your computer.

Let me know if it worked.

Here it goes